Bug#674598: make-ssl-cert fails on long-named hosts

[Ben Howard <ben.howard@ubuntu.com>]

Package: ssl-cert
Version: 1.0.28

The 'make-ssl-cert' command fails on hosts with longer than 64-characters as the FQDN.
https://bugs.launchpad.net/ubuntu/+source/ssl-cert/+bug/1004682

ben@utlemming-22a:~$ hostname -f
utlemming-22a.139cd93ba280479588e4157eac561a0b.utlemming-22a.525551751.uswest.internal.utlemmings-excellent-cloud.com

ben@utlemming-22a:~$ sudo make-ssl-cert generate-default-snakeoil
Could not create certificate. Openssl output was:
Generating a 2048 bit RSA private key
.......................+++
.................................................+++
writing new private key to '/etc/ssl/private/ssl-cert-snakeoil.key'
-----
problems making Certificate Request
139776384734880:error:0D07A097:asn1 encoding routines:ASN1_mbstring_ncopy:string too long:a_mbstr.c:154:maxsize=64

The following is a patch submission that defaults to the short name if the FQDN is too long:

=== modified file 'make-ssl-cert'
--- make-ssl-cert    2009-11-01 12:14:55 +0000
+++ make-ssl-cert    2012-05-25 20:23:05 +0000
@@ -30,9 +30,9 @@
 }
 
 make_snakeoil() {
-    if ! HostName="$(hostname -f)" ; then
+    if ! { HostName="$(hostname -f)" && [ ${#HostName} -lt 64 ]; }; then
         HostName="$(hostname)"
-        echo make-ssl-cert: Could not get FQDN, using \"$HostName\".
+        echo make-ssl-cert: Could not get or use FQDN, using \"$HostName\".
         echo make-ssl-cert: You may want to fix your /etc/hosts and/or DNS setup and run
         echo make-ssl-cert: 'make-ssl-cert generate-default-snakeoil --force-overwrite'
         echo make-ssl-cert: again.

-- 


Ben Howard
ben.howard@ubuntu.com
Canonical
GPG ID 0x5406A866